1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Kms
  5. GeneratedKey
Oracle Cloud Infrastructure v1.11.0 published on Wednesday, Sep 27, 2023 by Pulumi

oci.Kms.GeneratedKey

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v1.11.0 published on Wednesday, Sep 27, 2023 by Pulumi

    This resource provides the Generated Key resource in Oracle Cloud Infrastructure Kms service.

    Generates a key that you can use to encrypt or decrypt data.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    return await Deployment.RunAsync(() => 
    {
        var testGeneratedKey = new Oci.Kms.GeneratedKey("testGeneratedKey", new()
        {
            CryptoEndpoint = @var.Generated_key_crypto_endpoint,
            IncludePlaintextKey = @var.Generated_key_include_plaintext_key,
            KeyId = oci_kms_key.Test_key.Id,
            KeyShape = new Oci.Kms.Inputs.GeneratedKeyKeyShapeArgs
            {
                Algorithm = @var.Generated_key_key_shape_algorithm,
                Length = @var.Generated_key_key_shape_length,
                CurveId = oci_kms_curve.Test_curve.Id,
            },
            AssociatedData = @var.Generated_key_associated_data,
            LoggingContext = @var.Generated_key_logging_context,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/go/oci/Kms"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := Kms.NewGeneratedKey(ctx, "testGeneratedKey", &Kms.GeneratedKeyArgs{
    			CryptoEndpoint:      pulumi.Any(_var.Generated_key_crypto_endpoint),
    			IncludePlaintextKey: pulumi.Any(_var.Generated_key_include_plaintext_key),
    			KeyId:               pulumi.Any(oci_kms_key.Test_key.Id),
    			KeyShape: &kms.GeneratedKeyKeyShapeArgs{
    				Algorithm: pulumi.Any(_var.Generated_key_key_shape_algorithm),
    				Length:    pulumi.Any(_var.Generated_key_key_shape_length),
    				CurveId:   pulumi.Any(oci_kms_curve.Test_curve.Id),
    			},
    			AssociatedData: pulumi.Any(_var.Generated_key_associated_data),
    			LoggingContext: pulumi.Any(_var.Generated_key_logging_context),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.Kms.GeneratedKey;
    import com.pulumi.oci.Kms.GeneratedKeyArgs;
    import com.pulumi.oci.Kms.inputs.GeneratedKeyKeyShapeArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var testGeneratedKey = new GeneratedKey("testGeneratedKey", GeneratedKeyArgs.builder()        
                .cryptoEndpoint(var_.generated_key_crypto_endpoint())
                .includePlaintextKey(var_.generated_key_include_plaintext_key())
                .keyId(oci_kms_key.test_key().id())
                .keyShape(GeneratedKeyKeyShapeArgs.builder()
                    .algorithm(var_.generated_key_key_shape_algorithm())
                    .length(var_.generated_key_key_shape_length())
                    .curveId(oci_kms_curve.test_curve().id())
                    .build())
                .associatedData(var_.generated_key_associated_data())
                .loggingContext(var_.generated_key_logging_context())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_oci as oci
    
    test_generated_key = oci.kms.GeneratedKey("testGeneratedKey",
        crypto_endpoint=var["generated_key_crypto_endpoint"],
        include_plaintext_key=var["generated_key_include_plaintext_key"],
        key_id=oci_kms_key["test_key"]["id"],
        key_shape=oci.kms.GeneratedKeyKeyShapeArgs(
            algorithm=var["generated_key_key_shape_algorithm"],
            length=var["generated_key_key_shape_length"],
            curve_id=oci_kms_curve["test_curve"]["id"],
        ),
        associated_data=var["generated_key_associated_data"],
        logging_context=var["generated_key_logging_context"])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    const testGeneratedKey = new oci.kms.GeneratedKey("testGeneratedKey", {
        cryptoEndpoint: _var.generated_key_crypto_endpoint,
        includePlaintextKey: _var.generated_key_include_plaintext_key,
        keyId: oci_kms_key.test_key.id,
        keyShape: {
            algorithm: _var.generated_key_key_shape_algorithm,
            length: _var.generated_key_key_shape_length,
            curveId: oci_kms_curve.test_curve.id,
        },
        associatedData: _var.generated_key_associated_data,
        loggingContext: _var.generated_key_logging_context,
    });
    
    resources:
      testGeneratedKey:
        type: oci:Kms:GeneratedKey
        properties:
          #Required
          cryptoEndpoint: ${var.generated_key_crypto_endpoint}
          includePlaintextKey: ${var.generated_key_include_plaintext_key}
          keyId: ${oci_kms_key.test_key.id}
          keyShape:
            algorithm: ${var.generated_key_key_shape_algorithm}
            length: ${var.generated_key_key_shape_length}
            curveId: ${oci_kms_curve.test_curve.id}
          #Optional
          associatedData: ${var.generated_key_associated_data}
          loggingContext: ${var.generated_key_logging_context}
    

    Create GeneratedKey Resource

    new GeneratedKey(name: string, args: GeneratedKeyArgs, opts?: CustomResourceOptions);
    @overload
    def GeneratedKey(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     associated_data: Optional[Mapping[str, Any]] = None,
                     crypto_endpoint: Optional[str] = None,
                     include_plaintext_key: Optional[bool] = None,
                     key_id: Optional[str] = None,
                     key_shape: Optional[_kms.GeneratedKeyKeyShapeArgs] = None,
                     logging_context: Optional[Mapping[str, Any]] = None)
    @overload
    def GeneratedKey(resource_name: str,
                     args: GeneratedKeyArgs,
                     opts: Optional[ResourceOptions] = None)
    func NewGeneratedKey(ctx *Context, name string, args GeneratedKeyArgs, opts ...ResourceOption) (*GeneratedKey, error)
    public GeneratedKey(string name, GeneratedKeyArgs args, CustomResourceOptions? opts = null)
    public GeneratedKey(String name, GeneratedKeyArgs args)
    public GeneratedKey(String name, GeneratedKeyArgs args, CustomResourceOptions options)
    
    type: oci:Kms:GeneratedKey
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args GeneratedKeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args GeneratedKeyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args GeneratedKeyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args GeneratedKeyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args GeneratedKeyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    GeneratedKey Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The GeneratedKey resource accepts the following input properties:

    CryptoEndpoint string

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    IncludePlaintextKey bool

    If true, the generated key is also returned unencrypted.

    KeyId string

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    KeyShape GeneratedKeyKeyShape

    The cryptographic properties of a key.

    AssociatedData Dictionary<string, object>

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    LoggingContext Dictionary<string, object>

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    CryptoEndpoint string

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    IncludePlaintextKey bool

    If true, the generated key is also returned unencrypted.

    KeyId string

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    KeyShape GeneratedKeyKeyShapeArgs

    The cryptographic properties of a key.

    AssociatedData map[string]interface{}

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    LoggingContext map[string]interface{}

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    cryptoEndpoint String

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    includePlaintextKey Boolean

    If true, the generated key is also returned unencrypted.

    keyId String

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    keyShape GeneratedKeyKeyShape

    The cryptographic properties of a key.

    associatedData Map<String,Object>

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    loggingContext Map<String,Object>

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    cryptoEndpoint string

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    includePlaintextKey boolean

    If true, the generated key is also returned unencrypted.

    keyId string

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    keyShape GeneratedKeyKeyShape

    The cryptographic properties of a key.

    associatedData {[key: string]: any}

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    loggingContext {[key: string]: any}

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    crypto_endpoint str

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    include_plaintext_key bool

    If true, the generated key is also returned unencrypted.

    key_id str

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    key_shape GeneratedKeyKeyShapeArgs

    The cryptographic properties of a key.

    associated_data Mapping[str, Any]

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    logging_context Mapping[str, Any]

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    cryptoEndpoint String

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    includePlaintextKey Boolean

    If true, the generated key is also returned unencrypted.

    keyId String

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    keyShape Property Map

    The cryptographic properties of a key.

    associatedData Map<Any>

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    loggingContext Map<Any>

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    Outputs

    All input properties are implicitly available as output properties. Additionally, the GeneratedKey resource produces the following output properties:

    Ciphertext string

    The encrypted data encryption key generated from a master encryption key.

    Id string

    The provider-assigned unique ID for this managed resource.

    Plaintext string

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    PlaintextChecksum string

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    Ciphertext string

    The encrypted data encryption key generated from a master encryption key.

    Id string

    The provider-assigned unique ID for this managed resource.

    Plaintext string

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    PlaintextChecksum string

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    ciphertext String

    The encrypted data encryption key generated from a master encryption key.

    id String

    The provider-assigned unique ID for this managed resource.

    plaintext String

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    plaintextChecksum String

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    ciphertext string

    The encrypted data encryption key generated from a master encryption key.

    id string

    The provider-assigned unique ID for this managed resource.

    plaintext string

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    plaintextChecksum string

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    ciphertext str

    The encrypted data encryption key generated from a master encryption key.

    id str

    The provider-assigned unique ID for this managed resource.

    plaintext str

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    plaintext_checksum str

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    ciphertext String

    The encrypted data encryption key generated from a master encryption key.

    id String

    The provider-assigned unique ID for this managed resource.

    plaintext String

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    plaintextChecksum String

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    Look up Existing GeneratedKey Resource

    Get an existing GeneratedKey resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: GeneratedKeyState, opts?: CustomResourceOptions): GeneratedKey
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            associated_data: Optional[Mapping[str, Any]] = None,
            ciphertext: Optional[str] = None,
            crypto_endpoint: Optional[str] = None,
            include_plaintext_key: Optional[bool] = None,
            key_id: Optional[str] = None,
            key_shape: Optional[_kms.GeneratedKeyKeyShapeArgs] = None,
            logging_context: Optional[Mapping[str, Any]] = None,
            plaintext: Optional[str] = None,
            plaintext_checksum: Optional[str] = None) -> GeneratedKey
    func GetGeneratedKey(ctx *Context, name string, id IDInput, state *GeneratedKeyState, opts ...ResourceOption) (*GeneratedKey, error)
    public static GeneratedKey Get(string name, Input<string> id, GeneratedKeyState? state, CustomResourceOptions? opts = null)
    public static GeneratedKey get(String name, Output<String> id, GeneratedKeyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AssociatedData Dictionary<string, object>

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    Ciphertext string

    The encrypted data encryption key generated from a master encryption key.

    CryptoEndpoint string

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    IncludePlaintextKey bool

    If true, the generated key is also returned unencrypted.

    KeyId string

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    KeyShape GeneratedKeyKeyShape

    The cryptographic properties of a key.

    LoggingContext Dictionary<string, object>

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    Plaintext string

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    PlaintextChecksum string

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    AssociatedData map[string]interface{}

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    Ciphertext string

    The encrypted data encryption key generated from a master encryption key.

    CryptoEndpoint string

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    IncludePlaintextKey bool

    If true, the generated key is also returned unencrypted.

    KeyId string

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    KeyShape GeneratedKeyKeyShapeArgs

    The cryptographic properties of a key.

    LoggingContext map[string]interface{}

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    Plaintext string

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    PlaintextChecksum string

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    associatedData Map<String,Object>

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    ciphertext String

    The encrypted data encryption key generated from a master encryption key.

    cryptoEndpoint String

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    includePlaintextKey Boolean

    If true, the generated key is also returned unencrypted.

    keyId String

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    keyShape GeneratedKeyKeyShape

    The cryptographic properties of a key.

    loggingContext Map<String,Object>

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    plaintext String

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    plaintextChecksum String

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    associatedData {[key: string]: any}

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    ciphertext string

    The encrypted data encryption key generated from a master encryption key.

    cryptoEndpoint string

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    includePlaintextKey boolean

    If true, the generated key is also returned unencrypted.

    keyId string

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    keyShape GeneratedKeyKeyShape

    The cryptographic properties of a key.

    loggingContext {[key: string]: any}

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    plaintext string

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    plaintextChecksum string

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    associated_data Mapping[str, Any]

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    ciphertext str

    The encrypted data encryption key generated from a master encryption key.

    crypto_endpoint str

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    include_plaintext_key bool

    If true, the generated key is also returned unencrypted.

    key_id str

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    key_shape GeneratedKeyKeyShapeArgs

    The cryptographic properties of a key.

    logging_context Mapping[str, Any]

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    plaintext str

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    plaintext_checksum str

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    associatedData Map<Any>

    Information that can be used to provide an encryption context for the encrypted data. The length of the string representation of the associated data must be fewer than 4096 characters.

    ciphertext String

    The encrypted data encryption key generated from a master encryption key.

    cryptoEndpoint String

    The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,' and 'GenerateDataEncryptionKey' operations. see Vault Crypto endpoint.

    includePlaintextKey Boolean

    If true, the generated key is also returned unencrypted.

    keyId String

    The OCID of the master encryption key to encrypt the generated data encryption key with.

    keyShape Property Map

    The cryptographic properties of a key.

    loggingContext Map<Any>

    Information that provides context for audit logging. You can provide this additional data by formatting it as key-value pairs to include in audit logs when audit logging is enabled.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    plaintext String

    The plaintext data encryption key, a base64-encoded sequence of random bytes, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    plaintextChecksum String

    The checksum of the plaintext data encryption key, which is included if the GenerateDataEncryptionKey request includes the includePlaintextKey parameter and sets its value to "true".

    Supporting Types

    GeneratedKeyKeyShape, GeneratedKeyKeyShapeArgs

    Algorithm string

    The algorithm used by a key's key versions to encrypt or decrypt.

    Length int

    The length of the key in bytes, expressed as an integer. Supported values include the following:

    • AES: 16, 24, or 32
    • RSA: 256, 384, or 512
    • ECDSA: 32, 48, or 66
    CurveId string

    Supported curve IDs for ECDSA keys.

    Algorithm string

    The algorithm used by a key's key versions to encrypt or decrypt.

    Length int

    The length of the key in bytes, expressed as an integer. Supported values include the following:

    • AES: 16, 24, or 32
    • RSA: 256, 384, or 512
    • ECDSA: 32, 48, or 66
    CurveId string

    Supported curve IDs for ECDSA keys.

    algorithm String

    The algorithm used by a key's key versions to encrypt or decrypt.

    length Integer

    The length of the key in bytes, expressed as an integer. Supported values include the following:

    • AES: 16, 24, or 32
    • RSA: 256, 384, or 512
    • ECDSA: 32, 48, or 66
    curveId String

    Supported curve IDs for ECDSA keys.

    algorithm string

    The algorithm used by a key's key versions to encrypt or decrypt.

    length number

    The length of the key in bytes, expressed as an integer. Supported values include the following:

    • AES: 16, 24, or 32
    • RSA: 256, 384, or 512
    • ECDSA: 32, 48, or 66
    curveId string

    Supported curve IDs for ECDSA keys.

    algorithm str

    The algorithm used by a key's key versions to encrypt or decrypt.

    length int

    The length of the key in bytes, expressed as an integer. Supported values include the following:

    • AES: 16, 24, or 32
    • RSA: 256, 384, or 512
    • ECDSA: 32, 48, or 66
    curve_id str

    Supported curve IDs for ECDSA keys.

    algorithm String

    The algorithm used by a key's key versions to encrypt or decrypt.

    length Number

    The length of the key in bytes, expressed as an integer. Supported values include the following:

    • AES: 16, 24, or 32
    • RSA: 256, 384, or 512
    • ECDSA: 32, 48, or 66
    curveId String

    Supported curve IDs for ECDSA keys.

    Import

    Import is not supported for this resource.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the oci Terraform Provider.

    oci logo
    Oracle Cloud Infrastructure v1.11.0 published on Wednesday, Sep 27, 2023 by Pulumi